Implementing Post-quantum Cryptography for Developers

Julius Hekkala, Kimmo Halunen, Visa Vallivaara

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review


The possibility of a quantum computer threatens modern public key cryptography. Post-quantum cryptographic algorithms are designed to protect sensitive data and communications also against an attacker equipped with a quantum computer. National Institute of Standards and Technology is standardizing post-quantum algorithms that could replace currently used public key cryptographic algorithms in key exchange and digital signatures. Lattice-based cryptography is one of the post-quantum algorithm groups with the biggest potential. Cryptography libraries are used by developers in all kinds of different solutions, but currently the availability of post-quantum algorithms in open-source libraries is very limited. Implementing post-quantum algorithms into a software library involves a multitude of challenges. We integrated three lattice-based post-quantum algorithms into a fork of Crypto++, a C++ cryptography library. We analyzed challenges in the implementation process and the performance and security of the fork. Especially the complex mathematical ideas behind the algorithms make implementation difficult. The performance of the algorithms was satisfactory but analyzing the security of the implementation in more detail is needed.
Original languageEnglish
Title of host publicationProceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP
ISBN (Electronic)978-989-758-553-1
Publication statusPublished - 2022
MoE publication typeA4 Article in a conference publication
Event8th International Conference on Information Systems Security and Privacy, ICISSP 2022 - Online
Duration: 9 Feb 202211 Feb 2022


Conference8th International Conference on Information Systems Security and Privacy, ICISSP 2022


Dive into the research topics of 'Implementing Post-quantum Cryptography for Developers'. Together they form a unique fingerprint.

Cite this